|
In our second year, we're back with a
caffeine-induced vengeance. The premise is simple. You wake
up, likely tired and hungover, you bring us your best coffees, and we find
out just who has the best coffee of all. Check it all out at coffeewars.org
New this year:
|
|
The social engineering competition is back... this year's competition will be held by the drunkenwhores.com crew. It will focus mainly on celebrity deception, and harassment of a select few 24 hour help lines... we will try very hard to keep it legal, but still very fun... some of the ideas we are working on right now include the personal cell phones of some of the most popular celebrities of today, and of course the 80's.... Yes, we do have Scott Baio's (Charles in Charge) home number and we are not afraid to call him up and say hello... sign ups will be at the con, and also via e-mail (defcon9_SE@hushmail.com), if the response is a large as we hope the participants will be chosen by a fair method at the con... -Humperdink |
|
The scavenger hunt this year is being run behalf of FLippersmack (project that replaced sysfail) with the help of Kline ezine (hackcanada) to ensure that there'll always be someone there. Stop by and pick up the rules and enter the contest! Check out the official scavenger web site. |
|
Defcon 9 radio. Featuring 3500+
listener selected tracks streaming Vorbis
through
Icecast2.
Users will have the ability
to vote on what they want to listen to, view who voted for what tracks, and even vote off a song if it sucks. The track that has the highest # of listeners will be broadcast to an FM frequency so those wandering around or in their hotel rooms can also listen in on what people want to hear. Our wandering reporters will be getting up to the minute reports from people @ the con and updates will be broadcast through the station randomly throughout the day. Get your scheduling information with D-Update, every hour during scheduled activities. A few of the lectures will also be available throughout the con through separate streams on the station. Assistance needed: For those who have recon capabilities in the area, we need to know what FM broadcasters there are in the area, and preferably like to find a solid frequency that is not currently in use... Information can be found prior to defcon @ Hacho. Sponsored by DMZ Services, Inc. |
|
OK, so this year we will have more ambient
music (So you can talk to the person next to you) and a bouncer at the
door.. Just like al those clubs you hate in LA or NY. If you
don't try to dress up in your finest threads you don't get in. This
is to revers last years trend to people showing up in the same clothing
they drove out from California in.
Once you get in there will be a bar (for those of you over 21), DJ action, a his / her best dressed contest and some other stuff we haven't thought of yet. So what is acceptable to wear? In the past there have been formal wear, fetish wear, bondage clothing, a prom dress, old zoot suits, and a full "cyber" punk on roller blades with a head mount display. Anything you want to show off or feel good wearing, basically. |
|
OK people, this is what you've been waiting
for. this page is (of course) still under construction and may change at
For the first time ever, we now finally have a DC-Shoot mailing list! use it to make defcon shoot plans, talk about guns, 2A, gun advocacy, hunting, BBQ recipes, load data, etc... Just send mail to majordomo@23.org with the words subscribe dcshoot in the message body. For complete information see the official and up to date DC-Shoot website. |
|
"The music is abominable" - Winn Schwartau Some major changes to the event this year. Due to the fact that Defcon is growing so large we now have to use the DJ room for speakers during the day. As of right now the DJ room will be providing entertainment from 6pm - 6am Friday and Saturday nights only. We had hoped to start Friday evening and go straight through till Sunday, but we need the space for speakers. This is going to limit the number of acts performing this year, but it should be a good party any ways. Big change number two is the format. Traditionally we have had Industrial/Goth/EBM music on Friday night. This year we are looking to fill the Friday slot with more live acts during the evening and some good chillout DJs for the late night. The reason for this is simply, the Industrial/Goth/EBM music really doesn't bring anyone into the room. No point in having a party if no one shows up. Go to the Official DEF CON DJ site maintained by twentythree.org to get the band lineup. |
|
Ethics. CyberEthics. Kids. Hackers. And
what about those Parents, huh?
Corporations are ethical, right? … and let’s not forget Government, too! Ethics is that gray area between Legal and Illegal…and maybe your personal or corporate ethics are different that his or hers, or of someone from a different country or culture. Yet, we all need to live in the same “Space”. And that’s the whole point of “CyberEthical Surfivor.” CyberEthical Surfivor is an Interactive Game that pits 18 brave souls on two teams against each other. The object of the Game is to be…duh… the last one standing: A true Surfivor. How you get there is half the fun, but Da Judge (Jennifer Granick) and Da Time Keeper and the D’Audience will be heavily involved in who become the Surfivor! Think: AUDIENCE PEOPLE: You get to play, too, by second-guessing and challenging the contestants on stage. You can pick and choose who stays and who goes. Who is the most or least ethical… in your humble opinion? We’ll have roving microphones so you can get your 2-cents in! Wouldn’t want our contestants to feel they’re getting off easy, would we? In fact, you can make their cyberethical lives a tad miserable, if you choose. LOSERS: There will be 17 losers, and they will all win something, just for playing. Nothing stupendous, but hey… you lost! SIGN UP: Anyone can play. Kids.
Spooks, Spies, Hackers, Suits. No age limits (this is a PG/PG-13 Game).
WHAT THE SURFIVOR WINS:
HOST: Winn Schwartau (www.nicekids.netwww.interpactinc.com, www.infowar.com ) Da Judges: Jennifer Granick, Stanford Law, Chris Goggans, Counterpane, Richard Thieme, Social Commentaryist. |
|
Starting on Friday and running until Sunday
evening there will be a DEF CON Movie Channel. Running on the hotel's
closed cable system, people staying at the Alexis Park can turn to this
channel to catch up on the history of hacking movies. As many movies
as we can pack in three days that are somehow related to the hacking scene.
See such stinkers as The Net, and such classics as Colossus: The Forbin
Project. Complete schedule to be available at the show.
NEW: Stevyn from The Iron Feather Journal will be this years VJ. He will play the movies, provide schedulle updates, sort movies, a few video interviews, and random content when not mannig his booth. |
|
We're changing the rules again, trying
for more action, more risk & more network uptime.
Teams: Each team is going to have a color, and should use Ethernet cables of that color. ( DT's going to spring for a box of red, white, blue, green, yellow, black and grey. ) Each team will get an SSL client certificate that allows access to the central reporting web site. Current teams are:
mfvsThe targets: The last three IP addresses of each subnet are the target/victim IP addresses. (That should be a big hint about what to scan) Each team should have at least one machine capable of running vmWare that they're willing to leave plugged in. VMware has donated some goodies for CTF, and we'll have a license that everybody can use during Defcon. (There isn't any computer check in this year. Your team has to take care of your target machines). How the game Works: Each team is
going to have some lUsers, some Sysadmins & probably a mess of hackers.
lUsers win by reporting on the services
that that the sysadmins on other teams have set up.
For each service you find on another team's
box, make a connection to the recording web server & report (scale
of 1-10, 10 is high) how cool the service is, how hard you think it would
be to implement (complexity) risk/ease of hacking.
Hackers will rank (scale of 1-10) the ease
of the hack, how "risky" the service was, (yes we are setting the lUsers
risk evaluation against the hackers) and coolness of the system that they
hacked.
Betting: If a team has a positive number of points, the sysadmins can choose to bet points that their machine or service won't be cracked. They have to find someone on the other teams to take that bet & work out the terms between them. The terms should be written on paper on the wall. Hacking teams can bet points they don't have, they just go into negative points when theyloose. Still with us? Here's the order:
Rules: No coercive force, mickey
finns or summoning of elder gods.
Strategy: If someone else has a cool service that's getting them a lot of points, have the hackers on your team steal it, THEN take them down. Alliances may be profitable. Build cool (and very portable) services in advance. Pleasing the crowd on the grey net may mean you get awarded bonus points. Getting hacked gives you points & the chance to change out your OS. So it is a valid strategy to put up lots of cool services that get hacked right away. A really cool server that stays up & keeps getting good lUser feedback is equivalent to installing a lot of os's & having them hacked right away. You get points for risky installs, but that costs you time. All of the scoring is tit for tat, not One round prisoners dillema so it makes sense to give people at least average points. Some cool service ideas Don't lock things down so that it can't be hacked, or rely on a back door that nobody will ever scan for. Deception and confusion about where the attacker is or has connected to, but not so much that no one can get past it. (hints are good) Multiple servers interacting Involving spoofing across a switch or router, or client with buffer overflows. Something new with plaintext protocols. (icecast over telnet with a new client) Just plain wrong apps (text mode quake) How can you help? There will be a mailing address for ctf up on defcon when the contest rules come up. As usual, you'll need to bring switches, hubs, 10base T gear, etc. We're also going to need a lot of pre made vmware images & strange intel operating systems to put into the drawing bag , so start scrounging for windows 2.0 If anybody is willing to run book on the contest & offer dollars for points, that would be great. In 1997 is was Team SNI, In 1998 it was the Mad Sweedish Hackers, In 1999 it was The Ghetto Hackers, In 2000 It was The Ghetto Hackers / Subterranean Security Group Combo... Who will it be in 2001? |
|
Well, actually they wil talk about it during an hour long Hacktivism panel. Why be an activist hacker? What are the goals of peekabooty? There will be a Q&A section from the audience as well. |
|
Ask the panel of hackers and security types questions.. if no onecan answer the question, they drink. You see how this can get interesting quickly? |
|
A really bad movie, CyberTraq AKA "Catching Kevin" - that really bad stinker based on John Markhoffs book "Take Down" along with some material stolen from John Littmin (They are in cort over it) as well as an interview with Kevin Mitnick that was taken out of context and inserted at the end of the movie with out his permission. Should be a treat! French with english subtitles. |
|
Yup… DefCon fans just keep on coming and
coming… So, for the 7th year in a row… we play Hacker Jeopardy!
You know the Game. Winners win great gifts
from Dark Tangent and DefCon. Losers get to drink. All players drink. (>21
Only)
WE NEED ANSWERS: Please send your ideas for answers (and questions) in groups of 6-7 in a specific category. Sometimes we get a little technical, but not too technical thats what the Unix Drinking Game is for. Send them to winns at gte d0t net and well try to build them into the Game. WHO CAN PLAY? Most people play pretty lousy… but you can still try. Submit your teams to Dtangent@DefCon.Org and we’ll pick you out of a hat before each Game. One year a secret government group got so drunk, they didn’t answer one question right. That was humiliating. For them. AUDIENCE PLAYS: Yup! You get to
play, too.
WHEN: Friday, July 13, 2001: 11PM.
Rounds One and Two.
|
|
Same Rules, Different year! "Like a paranoid
version of pin the tail on the donkey, the favorite sport at this gathering
of computer hackers and phone phreaks seems to be hunting down real and
imagined telephone security and Federal and local law enforcement authorities
who the attendees are certain are tracking their every move.. .. Of course,
they may be right."
Basically the contest goes like this: If you see some shady MIB (Men in Black) earphone penny loafer sunglass wearing Clint Eastwood to live and die in LA type lurking about, point him out. Just get my attention and claim out loud you think you have spotted a fed. The people around at the time will then (I bet) start to discuss the possibility of whether or not a real fed has been spotted. Once enough people have decided that a fed has been spotted, and the Identified Fed (I.F.) has had a say, and informal vote takes place, and if enough people think it's a true fed, or fed wanna-be, or other nefarious style character, you win a "I spotted the fed!" shirt, and the I.F. gets an "I am the fed!" shirt. NOTE TO THE FEDS: This is all in good fun, and if you survive unmolested and undetected, but would still secretly like an "I am the fed!" shirt to wear around the office or when booting in doors, please contact me when no one is looking and I will take your order(s). Just think of all the looks of awe you'll generate at work wearing this shirt while you file away all the paperwork you'll have to produce over this convention. I won't turn in any feds who contact me, they have to be spotted by others. DOUBLE SECRET NOTE TO FEDS: This year I am printing up extra "I am the Fed!" shirts, and will be trading them for coffee mugs, shirts or baseball hats from your favorite TLA. If you want to swap bring along some goodies and we can trade. Be stealth about it if you don't want people to spot you. Agents from foreign governments are welcome to trade too, but I gotta work on my mug collection and this is the fastest way. |
|
The JUMP is scheduled for July 12th.
All those who want to participate must meet at the front of the Alexis
Hotel at promptly 11 am. You will be responsible for all your own
costs and transportation. This activity is not cheap, bring valid plastic.
We will not front you credit. You need to be at least 18 years old
and be able to pass the Jump Masters physical exam. Those not able
to pay, not physically fit, or are under age will not jump, without exception.
If you plan on participating in this JUMP you must EMAIL me and receive an individual confirmation code. Those who show up intending to participate but do not have a valid individualized confirmation code can join the other lurkers on the sidelines and cheer us from afar. No exceptions. This JUMP is a Tandem Sky Dive from a perfectly functional aeroplane. You will be exiting this perfectly functional aeroplane at roughly 2 miles above the safety of terra firma. If you have already Sky Dived then you know the score. This is a life endangering event. If you participate, you do this act at your own risk of injury and/or death. I don't want anyone later to come crying to me about getting injured or killed. Nobody is forcing you to do this absolutely insane act. So you all can bite me if anything goes wrong and you discover only too late that your body does not bounce as well as you might have hoped. Nobody likes a cry baby anyway. Check http://www.atreus.org/ for complete info and to sign up! |